Presentation for Roadshow of Cyber Security Marathon 2018 Code Margonda Depok, 2018-01-11 So you got python? How far can you push your python? Why would hackers love python? It's not hard to know that python is amazing language. But how amazing it could be for cyber security? Let's see by getting our hands dirty, from simple tasks to more challenging action

1. The
Offensive Python
Practical Python for Penetration Testing

2. Hi!
I am Satria Ady Pradana
Community Leader
of
Reversing.ID
xathrya
@xathrya
Reversing.ID
Revealing the Truth through Breaking Things

3. “I am not going to teach you the
basic of Python programming.
I am going to show you the
power of python! ❤

4. 1.
Why Python? Wonder Why?
Packet crafting reverse engineering
Penetration testing machine learning
Cyber Security Forensic
Automation Exploit Development
Fuzzing
.
.
.

5. Why Python for cyber security?
1. Designed for rapid prototyping
2. Simple and clean structure, improve readability
and ease of use.
3. Extensive library, also ease of interfacing
4. Widely adopted, most linux distro ship it by
default
Which makes it ideal language for scripting and rapid
development.

6. 2.
Python
Implementation
The Realm of
Python

7. 1. CPython (reference)
2. IronPython and FePy (run on top of .NET VM)
3. Jython (run on top of JVM / Java VM)
4. PyPy (python in python)
Many more…
See https://www.python.org/download/alternatives/

9. “Picking the right tools for the
jobs

10. 3.
Warming Up
Let’s code
the
basic things

11. “The root of cyber security is
programming and networking
with extra magic logic.

12. Let’s start by FUNdamental Things
1. Network (Server, Client)
2. Cryptography

13. Simple Servers
▸Host some files
▸Collect data
▸Relay informations
See Python3 http.server
(https://docs.python.org/3/library/http.server.html)

14. Simple Client
▸Create malicious request
▸Dorking
▸Automatic requests sender
See
- requests library (http://docs.python-
requests.org/en/master/)
- BeautifulSoup4
(https://www.crummy.com/software/BeautifulSoup
/bs4/doc/)

15. Cryptography
▸Encrypt / Decrypt
▸Compute hash value
▸Some stuffs on certificate
See
- PyCrypto library
(https://www.dlitz.net/software/pycrypto/api/2.6/)

16. 4.
Getting
Advanced
Let’s code
More
FUN things

17. (Network)
Packet Crafting Scapy

18. What is Scapy?
▸Packet manipulation and decoder for python
▹send, sniff, dissect, and forge network packets
▹Handle most network tasks such as scanning,
tracerouting, probing, fuzzing, network discovery.
▹The idea: sending packets and receiving answers.

19. Can “Replace” Tools
▸hping
▸arpspoof
▸arping,
▸p0f
▸Tcpdump & tshark
▸… etc
i.e: Create any flexible networking tools for any purpose

20. Used for
▸ARP Cache poisoning
▸Sending invalid frame
▸Injecting 802.11 frames
▸Combining techniques (ex: VLAN hopping + ARP
cache poisoning)
▸… etc

21. Basic of Scapy
▸Each protocol has representation (i.e: Ether, ARP, TCP,
IP, etc)
▸The component of each protocol can be modified (i.e:
destination address, hardware address, etc)
▸A packet is a stack of protocols, as simple as
concatenating with / (slash)
▸Packet can be sent from layer 3 (send) or layer 2
(sendp).

22. Starting Scapy (Interactive)
In command line
$ scapy
>>>
Or, in python REPL prompt
from scapy.all import *

23. (Reversing)
Automated Bug
Finder Angr

24. What is angr?
▸A binary analysis framework
▸Framework for analyzing binaries
▸Combines static and dynamic symbolic analysis

25. Which one is easier to read?

26. ▸Program can be represented as graph for better
exploration.
▸Complex operation can be decomposed / simplified.
▸Program is a flow of set (block) of instruction to
another set of instruction.
▸We call it states
▸From this states, can we reach that state?

27. ▸SURE !!!